
Example 6 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class ResourceResolverTest method testCustomResolver.

/**
 * Tests registering a custom resolver implementation.
 */
@org.junit.Test
public void testCustomResolver() throws Exception {
    final String apacheUri = "http://www.apache.org";
    final String stylesheetUri = "http://xmldsig.pothole.com/xml-stylesheet.txt";

    // Registration goes through a static method on ResourceResolver, so it is not
    // scoped to this test. NOTE(review): presumably "at start" gives the custom
    // resolver precedence over the ones already registered; confirm.
    ResourceResolver.registerAtStart("org.apache.xml.security.test.dom.utils.resolver.OfflineResolver");

    Attr uri = XMLUtils.createDocumentBuilder(false).newDocument().createAttribute("URI");
    uri.setValue(apacheUri);
    // The last argument is the secure-validation flag; it is on for this test.
    ResourceResolver offline = ResourceResolver.getInstance(uri, apacheUri, true);

    // Positive case: a URI the test expects the OfflineResolver to serve.
    try {
        uri.setValue(stylesheetUri);
        offline.resolve(uri, null, true);
    } catch (Exception e) {
        e.printStackTrace();
        fail(uri.getValue() + " should be resolvable by the OfflineResolver");
    }

    // Negative case: resolving this URI is expected to be refused.
    try {
        uri.setValue(apacheUri);
        offline.resolve(uri, null, true);
        fail(uri.getValue() + " should not be resolvable by the OfflineResolver");
    } catch (Exception expected) {
        // Any Exception counts as a refusal here. The AssertionError raised by
        // fail() is not an Exception, so it still propagates and fails the test.
    }
}
Also used : ResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolver) Document(org.w3c.dom.Document) Attr(org.w3c.dom.Attr)

Example 7 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project xades4j by luisgoncalves.

the class SignedDataObjectsProcessor method process.

/**
 * Processes the signed data objects and adds the corresponding {@code Reference}s
 * and {@code Object}s to the signature. This method must be invoked before
 * adding any other {@code Reference}s to the signature.
 *
 * @return the reference mappings resulting from the data object descriptions.
 *
 * @throws UnsupportedAlgorithmException
 * @throws IllegalStateException if the signature already contains {@code Reference}s
 */
Map<DataObjectDesc, Reference> process(SignedDataObjects signedDataObjects, XMLSignature xmlSignature) throws UnsupportedAlgorithmException {
    // Reference ids and positions below are derived from the number of mappings
    // created here, so the signature must not hold any Reference yet.
    if (xmlSignature.getSignedInfo().getLength() != 0) {
        throw new IllegalStateException("XMLSignature already contais references");
    }

    // Caller-supplied resolvers are attached to the signature as-is.
    // NOTE(review): these presumably decide which bytes are read (and digested)
    // for each Reference URI, so they should only come from trusted configuration.
    for (ResourceResolver customResolver : signedDataObjects.getResourceResolvers()) {
        xmlSignature.addResourceResolver(customResolver);
    }

    final Collection<DataObjectDesc> descs = signedDataObjects.getDataObjectsDescs();
    // IdentityHashMap: descriptions are keyed by object identity, not equals().
    final Map<DataObjectDesc, Reference> mappings = new IdentityHashMap<DataObjectDesc, Reference>(descs.size());
    final String digestUri = this.algorithmsProvider.getDigestAlgorithmForDataObjsReferences();
    boolean anonymousSeen = false;

    try {
        for (DataObjectDesc desc : descs) {
            final Transforms transforms = processTransforms(desc, xmlSignature.getDocument());
            final String refUri;
            final String refType;

            if (desc instanceof DataObjectReference) {
                // URI and type are taken verbatim from the description.
                final DataObjectReference explicitRef = (DataObjectReference) desc;
                refUri = explicitRef.getUri();
                refType = explicitRef.getType();
            } else if (desc instanceof EnvelopedXmlObject) {
                // The content is embedded in a new ds:Object; the Reference then
                // points at that Object's id as a same-document URI.
                final EnvelopedXmlObject enveloped = (EnvelopedXmlObject) desc;
                final String objectId = String.format("%s-object%d", xmlSignature.getId(), xmlSignature.getObjectLength());
                final ObjectContainer container = new ObjectContainer(xmlSignature.getDocument());
                container.setId(objectId);
                container.appendChild(enveloped.getContent());
                container.setMimeType(enveloped.getMimeType());
                container.setEncoding(enveloped.getEncoding());
                xmlSignature.appendObject(container);
                refUri = '#' + objectId;
                refType = Reference.OBJECT_URI;
            } else if (desc instanceof AnonymousDataObjectReference) {
                if (anonymousSeen) {
                    // SignedDataObjects is expected to have rejected this already.
                    throw new IllegalStateException("Multiple AnonymousDataObjectReference detected");
                }
                anonymousSeen = true;
                // The Reference carries neither URI nor type; its data comes from
                // the stream handed to a dedicated resolver.
                refUri = null;
                refType = null;
                final AnonymousDataObjectReference anonymous = (AnonymousDataObjectReference) desc;
                xmlSignature.addResourceResolver(new ResolverAnonymous(anonymous.getDataStream()));
            } else {
                throw new ClassCastException("Unsupported SignedDataObjectDesc. Must be one of DataObjectReference, EnvelopedXmlObject and AnonymousDataObjectReference");
            }

            // References get an id because data object properties may refer to them.
            // The id suffix and the SignedInfo position both use the current map size.
            final int index = mappings.size();
            final String refId = String.format("%s-ref%d", xmlSignature.getId(), index);
            xmlSignature.addDocument(refUri, transforms, digestUri, refId, refType);

            // SignedDataObjects doesn't allow repeated instances, so put() never
            // replaces an existing entry.
            mappings.put(desc, xmlSignature.getSignedInfo().item(index));
        }
    } catch (XMLSignatureException ex) {
        // Reported to the caller as an unsupported digest algorithm.
        throw new UnsupportedAlgorithmException("Digest algorithm not supported in the XML Signature provider", digestUri, ex);
    } catch (org.apache.xml.security.exceptions.XMLSecurityException ex) {
        // Any other XML Security failure is surfaced unchecked, with its cause kept.
        throw new IllegalStateException(ex);
    }
    return Collections.unmodifiableMap(mappings);
}
Also used : Reference(org.apache.xml.security.signature.Reference) IdentityHashMap(java.util.IdentityHashMap) Transforms(org.apache.xml.security.transforms.Transforms) ResolverAnonymous(org.apache.xml.security.utils.resolver.implementations.ResolverAnonymous) DataObjectDesc(xades4j.properties.DataObjectDesc) UnsupportedAlgorithmException(xades4j.UnsupportedAlgorithmException) ResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolver) ObjectContainer(org.apache.xml.security.signature.ObjectContainer) XMLSignatureException(org.apache.xml.security.signature.XMLSignatureException)

Example 8 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class ResourceResolverTest method testLocalFileWithEmptyBaseURI.

/**
 * Checks that an absolute {@code file:} URI can be resolved when the base URI
 * passed to {@code resolve} is the empty string.
 */
@org.junit.Test
public void testLocalFileWithEmptyBaseURI() throws Exception {
    // Absolute file: URI of pom.xml under the directory named by the "basedir" property.
    File pom = new File(System.getProperty("basedir"), "pom.xml");
    String pomUri = pom.toURI().toString();

    Attr uri = XMLUtils.createDocumentBuilder(false).newDocument().createAttribute("URI");
    uri.setValue(pomUri);

    // NOTE(review): secure validation is off (false) for the lookup; confirm whether
    // local-file resolution is meant to be available when it is on.
    ResourceResolver fileResolver = ResourceResolver.getInstance(uri, pomUri, false);
    try {
        fileResolver.resolve(uri, "", true);
    } catch (Exception e) {
        fail(e.getMessage());
    }
}
Also used : ResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolver) Document(org.w3c.dom.Document) File(java.io.File) Attr(org.w3c.dom.Attr)

Example 9 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class DOMURIDereferencer method dereference.

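/**
 * Dereferences the URI of a reference.
 *
 * <p>A same-document URI ({@code #id} or {@code #xpointer(id('id'))}) whose ID is
 * registered on the context is answered directly from the DOM. With secure
 * validation enabled, the owning document is first checked for several elements
 * carrying that ID. Every other URI, including a same-document URI whose ID is
 * not registered on the context, is handed to a {@link ResourceResolver}.
 *
 * @param uriRef the reference to dereference; cast to {@code DOMURIReference}
 * @param context the crypto context; cast to {@code DOMCryptoContext}
 * @return node-set data, or octet-stream data when the resolver returns a stream
 * @throws NullPointerException if {@code uriRef} or {@code context} is null
 * @throws URIReferenceException if an {@code xpointer(id(} URI has no quoted ID,
 *         if secure validation finds the ID more than once, or if resolution fails
 */
@Override
public Data dereference(URIReference uriRef, XMLCryptoContext context) throws URIReferenceException {
    if (uriRef == null) {
        throw new NullPointerException("uriRef cannot be null");
    }
    if (context == null) {
        throw new NullPointerException("context cannot be null");
    }
    DOMURIReference domRef = (DOMURIReference) uriRef;
    Attr uriAttr = (Attr) domRef.getHere();
    String uri = uriRef.getURI();
    DOMCryptoContext dcc = (DOMCryptoContext) context;
    String baseURI = context.getBaseURI();
    boolean secVal = Utils.secureValidation(context);

    // Check if same-document URI and already registered on the context
    if (uri != null && uri.length() != 0 && uri.charAt(0) == '#') {
        String id = uri.substring(1);
        boolean xpointerId = id.startsWith("xpointer(id(");
        if (xpointerId) {
            int i1 = id.indexOf('\'');
            int i2 = id.indexOf('\'', i1 + 1);
            // The URI comes from the signature being processed. Without both
            // quotes, substring() would throw an unchecked
            // StringIndexOutOfBoundsException; report it as a reference error.
            if (i1 < 0 || i2 < 0) {
                throw new URIReferenceException("Malformed xpointer ID expression in URI " + uri);
            }
            id = id.substring(i1 + 1, i2);
        }
        Node referencedElem = dcc.getElementById(id);
        if (referencedElem != null) {
            if (secVal) {
                // Signature-wrapping defence: reject the reference when the
                // document holds more than one element with this ID.
                Element start = referencedElem.getOwnerDocument().getDocumentElement();
                if (!XMLUtils.protectAgainstWrappingAttack(start, (Element) referencedElem, id)) {
                    String error = "Multiple Elements with the same ID " + id + " were detected";
                    throw new URIReferenceException(error);
                }
            }
            XMLSignatureInput result = new XMLSignatureInput(referencedElem);
            result.setSecureValidation(secVal);
            // Comments are excluded for the bare "#id" form only.
            if (!xpointerId) {
                result.setExcludeComments(true);
            }
            result.setMIMEType("text/xml");
            // Plain string concatenation of base URI and attribute value.
            if (baseURI != null && baseURI.length() > 0) {
                result.setSourceURI(baseURI.concat(uriAttr.getNodeValue()));
            } else {
                result.setSourceURI(uriAttr.getNodeValue());
            }
            return new ApacheNodeSetData(result);
        }
    }

    // Not answered from the context: delegate to the resolver chosen for this
    // URI, passing the secure-validation flag to both selection and resolution.
    try {
        ResourceResolver apacheResolver = ResourceResolver.getInstance(uriAttr, baseURI, secVal);
        XMLSignatureInput in = apacheResolver.resolve(uriAttr, baseURI, secVal);
        if (in.isOctetStream()) {
            return new ApacheOctetStreamData(in);
        } else {
            return new ApacheNodeSetData(in);
        }
    } catch (Exception e) {
        throw new URIReferenceException(e);
    }
}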
Also used : Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput) Attr(org.w3c.dom.Attr) ResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolver)

Example 10 with ResourceResolver

use of org.apache.xml.security.utils.resolver.ResourceResolver in project santuario-java by apache.

the class Reference method getContentsBeforeTransformation.

/**
 * Returns the XMLSignatureInput which is created by de-referencing the URI attribute.
 * @return the XMLSignatureInput of the source of this reference
 * @throws ReferenceNotInitializedException If the resolver found any
 * problem resolving the reference
 */
public XMLSignatureInput getContentsBeforeTransformation() throws ReferenceNotInitializedException {
    try {
        // The URI attribute is looked up with a null namespace.
        final Attr uriNode = getElement().getAttributeNodeNS(null, Constants._ATT_URI);

        // Resolver selection considers the manifest's own resolvers and is given
        // this reference's secure-validation setting.
        final ResourceResolver res = ResourceResolver.getInstance(
            uriNode, baseURI, manifest.getPerManifestResolvers(), secureValidation);
        res.addProperties(manifest.getResolverProperties());

        final XMLSignatureInput input = res.resolve(uriNode, baseURI, secureValidation);
        return input;
    } catch (ResourceResolverException e) {
        // Wrap the resolver failure in the exception type callers of Reference expect.
        throw new ReferenceNotInitializedException(e);
    }
}
Also used : ResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolver) ResourceResolverException(org.apache.xml.security.utils.resolver.ResourceResolverException) Attr(org.w3c.dom.Attr)

Aggregations

ResourceResolver (org.apache.xml.security.utils.resolver.ResourceResolver)10 Attr (org.w3c.dom.Attr)7 Document (org.w3c.dom.Document)4 XMLSignatureInput (org.apache.xml.security.signature.XMLSignatureInput)3 ResourceResolverException (org.apache.xml.security.utils.resolver.ResourceResolverException)3 Reference (org.apache.xml.security.signature.Reference)2 XMLSignatureException (org.apache.xml.security.signature.XMLSignatureException)2 Transforms (org.apache.xml.security.transforms.Transforms)2 ResolverAnonymous (org.apache.xml.security.utils.resolver.implementations.ResolverAnonymous)2 Test (org.junit.Test)2 File (java.io.File)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 IdentityHashMap (java.util.IdentityHashMap)1 CanonicalizationException (org.apache.xml.security.c14n.CanonicalizationException)1 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1 ObjectContainer (org.apache.xml.security.signature.ObjectContainer)1 SignedInfo (org.apache.xml.security.signature.SignedInfo)1 TransformationException (org.apache.xml.security.transforms.TransformationException)1 Element (org.w3c.dom.Element)1